CVE-2017-15101: A missing patch for a stack-based buffer overflow in findTable() was found in Red Hat version of liblouis before 2.5.4. An attacker could cause a denial of…

critical9.8CVSS 3.0

AVNACLPRNUINSUCHIHAH

A missing patch for a stack-based buffer overflow in findTable() was found in Red Hat version of liblouis before 2.5.4. An attacker could cause a denial of service condition or potentially even arbitrary code execution.

Affected

10 ranges

Vendor	Product	Version range	Fixed in
debian	liblouis	—	—
liblouis	liblouis	< 2.5.4	2.5.4
liblouis	liblouis	—	—
liblouis	liblouis	>= 0 < 2.5.3-2ubuntu1.2	2.5.3-2ubuntu1.2
redhat	enterprise_linux_desktop	—	—
redhat	enterprise_linux_server	—	—
redhat	enterprise_linux_server_aus	—	—
redhat	enterprise_linux_server_eus	—	—
redhat	enterprise_linux_server_eus	—	—
redhat	enterprise_linux_workstation	—	—

CVSS provenance

nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

osv9.8CRITICAL